Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Bücher
Zeitschriften
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
MTZ-Fachkongress

Antriebe und Energiesysteme von morgen


Austausch von Automobil- und Energiewirtschaft

Am 14./15. Mai geht es in Chemnitz um die Mobilitätswende durch Elektro- und Wasserstofffahrzeuge.
Erweiterte Suche
Anmelden
nach oben
Erschienen in:
The Psychology of Cybersecurity Kapitel lesen Erstes Kapitel lesen

2023 | OriginalPaper | Buchkapitel

7. Host Security Technology

verfasst von : Seth James Nielson

Erschienen in: Discovering Cybersecurity

Verlag: Apress

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Digging into a more concrete topic, this chapter covers both attacks and defenses on host computer systems. The first half of the chapter focuses on building a robust system using isolation and access control through operating system design, hardware enforcement and software enforcement. The second half of the chapter digs into attacks on these systems through exploitation of design flaws and/or malicious software.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Jetzt informieren
Vorheriges Kapitel Cryptographic Systems Technologies
Nächstes Kapitel Classical Network Security Technology
Fußnoten
1
There is another, related security design principle known as the principle of complete mediation. This principle states that a protected resource must have all accesses mediated.
 
2
Many programs start with a main function, or subroutine, that starts the program and calls all other subroutines.
 
3
As I explained earlier, in a real system there are no names like C or F. Instead, the data would be stored in the stack by address, as the stack is just a set of memory addresses. I also mention in passing that this kind of data might not be stored on the stack at all but could be stored in registers instead.
 
4
Actually, text like this almost always includes a special invisible character at the end called the null terminating character. This is used to mark the end of the string in the buffer. This means that this buffer can actually only hold 79 characters.
 
5
Coincidentally, BSD is also related to modern versions of the MacOS system.
 
6
However, the first uninstaller they released was also problematic and, according to some accounts, made things worse [126]!
 
7
The lesson is, do not mess with Brian Krebs.
 
Literatur
11.
TA13-032: Oracle Java multiple vulnerabilities. 2 2013. Last updated: 19 Oct 2016.
13.
Crisis: Security vs performance. 04 2018.
20.
Forensic methodology report: How to catch NSO group’s pegasus. 07 2021.
23.
25.
Intel SGX deprecation review. 01 2022.
27.
28.
Mcafee endpoint security 10.6.0—threat prevention product guide—windows. Technical report, Trellix, 2023.
29.
Acronis. 2018. A guide to ransomware and how acronis active protection can help.
31.
Agarwal, A., S. O’Connell, J. Kim, S. Yehezkel, D. Genkin, E. Ronen, and Y. Yarom. 2022. Spook.js: Attacking chrome strict site isolation via speculative execution. In 43rd IEEE Symposium on Security and Privacy (S&P’22).
35.
Aleph One (Unknown Author). 1996. Smashing the stack for fun and profit. 7(49): 11. newsgroup article or web page (?).
40.
Anderson, R.J. 2020. Security Engineering: A Guide to Building Dependable Distributed Systems, 3 ed. Wiley Publishing.CrossRef
42.
Arm Limited, Cambridge, England. 2018. Arm TrustZone Technology for the Armv8-M Architecture, version 2.1 edition.
43.
Arm Limited, Cambridge, England. 2022. Introduction to the Armv8-M Architecture and Its Programmers Model, version 1.0 edition
45.
Arntz, P. 2013. What is host intrusion prevention system (HIPS) and how does it work?
46.
Arntz, P. 2021. Ryuk ransomware develops worm-like capability.
50.
Bazaliy, M., C. Neckar, G. Sinclair, and in7egral. 2016. Technical analysis of the pegasus exploits on IoS. Technical report, Lookout
60.
Bishop, M. 2019. Computer Security Art and Science, 2nd ed. Addison-Wesley Professional.
62.
Bossler, A., and T. Holt. 2009. On-line activities, guardianship, and malware infection: An examination of routine activities theory. International Journal of Cyber Criminology (IJCC) ISSN 3: 974–2891.
69.
Cawthra, J., M. Ekstrom, L. Lusty, J. Sexton, and J. Sweetnam. 2020. Data integrity: Detecting and responding to ransomware and other destructive events. Special Publication (NIST SP) 1800-26, National Institute of Standards and Technology, Gaithersburg.
70.
Cerdeira, D., N. Santos, P. Fonseca, and S. Pinto. 2020. SoK: Understanding the prevailing security vulnerabilities in trustzone-assisted tee systems. In 2020 IEEE Symposium on Security and Privacy (SP), 1416–1432.
72.
Chaumette, S., O. Ly, and R. Tabary. 2011. Automated extraction of polymorphic virus signatures using abstract interpretation. In 2011 5th International Conference on Network and System Security, 41–48. IEEE.
75.
76.
82.
Cowan, C., C. Pu, D. Maier, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, Q. Zhang, and H. Hinton. 1998. StackGuard: Automatic adaptive detection and prevention of Buffer-Overflow attacks. In 7th USENIX Security Symposium (USENIX Security 98), San Antonio. USENIX Association.
83.
Cowan, C., P. Wagle, C. Pu, S. Beattie, and J. Walpole. 2000. Buffer overflows: Attacks and defenses for the vulnerability of the decade. In Proceedings DARPA Information Survivability Conference and Exposition (DISCEX’00), vol. 2, 119–129. IEEE.
84.
Craciun, V.C., A. Mogage, and E. Simion. 2019. Trends in design of ransomware viruses. In Innovative Security Solutions for Information Technology and Communications, ed. J.-L. Lanet and C. Toma, 259–272. Springer International Publishing.CrossRef
88.
Cushing, T. 2017. How minecraft led to the Mirai botnet. TechDirt.
90.
Dang, T.H., P. Maniatis, and D. Wagner. 2015. The performance cost of shadow stacks and stack canaries. In Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security (ASIA CCS’15), New York, 555–566. Association for Computing Machinery.
98.
Dullien, T. 2020. Weird machines, exploitability, and provable unexploitability. IEEE Transactions on Emerging Topics in Computing 8(2): 391–403.CrossRef
103.
Federal Bureau of Investigation. 2018. The Morris worm: 30 years since first major attack on the internet.
112.
Gartner. Endpoint detection and response (EDR) solutions reviews and ratings.
118.
Griffiths, J. 2020. ‘I love you’: How a badly-coded computer virus caused billions in damage and exposed vulnerabilities which remain 20 years on. CNN Business.
121.
Group, J.T.F.T.I.I.W. 2020. Security and privacy controls for federal information systems and organizations. Special Publication (NIST SP) 800-53r5, National Institute of Standards and Technology, Gaithersburg.
122.
Gryaznov, D. 1999. Scanners of the Year 2000: Heuristics. In Proceedings of the 5th International Virus Bulletin.
126.
Halderman, J.A., and E.W. Felten. 2006. Lessons from the Sony CD DRM episode. In Proceedings of the 15th Conference on USENIX Security Symposium – Volume 15 (USENIX-SS’06). USENIX Association.
128.
Hassold, C. 2022. The victimology of ransomware: 4,200 ransomware victims and counting.
135.
Hoglund, G., and G. McGraw. 2004. Exploiting Software. Addison-Wesley Professional.
137.
Howard, M., D. LeBlanc, and J. Viega. 2009. 24 Deadly Sins of Software Security. McGraw-Hill.
142.
ITL, C. 2019. Binary hardening in IoT products.
149.
Karger, P., and R. Schell. 2002. Multics security evaluation: Vulnerability analysis. In 18th Annual Computer Security Applications Conference, 2002. Proceedings, 127–146.
151.
Klein, G., K. Elphinstone, G. Heiser, J. Andronick, D. Cock, P. Derrin, D. Elkaduwe, K. Engelhardt, R. Kolanski, M. Norrish, T. Sewell, H. Tuch, and S. Winwood. 2009. SeL4: Formal verification of an OS kernel. In Proceedings of the ACM SIGOPS 22nd Symposium on Operating Systems Principles (SOSP’09), New York, 207–220. Association for Computing Machinery.
153.
Kocher, P., J. Horn, A. Fogh, D. Genkin, D. Gruss, W. Haas, M. Hamburg, M. Lipp, S. Mangard, T. Prescher, M. Schwarz, and Y. Yarom. 2019. Spectre attacks: Exploiting speculative execution. In 40th IEEE Symposium on Security and Privacy (S&P’19).
154.
Kominski, I. 1989. Computer use in the United States: 1989. Technical Report 171, U.S. Department of Commerce, Bureau of the Census, Washington, DC.
156.
Kshetri, N., and J. Voas. 2017. Do crypto-currencies fuel ransomware? IT Professional 19(5): 11–15.CrossRef
160.
Larochelle, D., and D. Evans. 2001. Statically detecting likely buffer overflow vulnerabilities. In 10th USENIX Security Symposium (USENIX Security 2001), Washington, DC. USENIX Association.
162.
Lhee, K.-S. and S.J. Chapin. 2003. Buffer overflow and format string overflow vulnerabilities. Software Practice and Experience 33(5): 423–460.CrossRef
163.
Lipp, M., M. Schwarz, D. Gruss, T. Prescher, W. Haas, A. Fogh, J. Horn, S. Mangard, P. Kocher, D. Genkin, Y. Yarom, and M. Hamburg. 2018. Meltdown: Reading kernel memory from user space. In 27th USENIX Security Symposium (USENIX Security 18).
171.
Marczak, B., and J. Scott-Railton. 2016. The million dollar dissident. Technical Report 78, University of Toronto.
173.
Marinho, T. 2018. Ransomware encryption techniques. Medium.
174.
Markoff, J. 1988. Author of computer ‘Virus’ is son of N.S.A. expert on data security. The New York Times.
183.
Microsoft Corporation. 2023. Memory integrity and VBS enablement.
185.
Microsoft Corporation. 2023. Virtualization-based security (VBS).
191.
196.
O’Kane, P., S. Sezer, and D. Carlin. 2018a. Evolution of ransomware. IET Networks 7(5): 321–327.CrossRef
198.
Oracle. 2013. Java applet and web start code signing.
201.
Palmer, D. 2019. Mydoom: The 15-year-old malware that’s still being used in phishing attacks in 2019.
202.
Palmer, D. 2022. Android malware: A million people downloaded these malicious apps before they were finally removed from Google play.
206.
Pinto, S., and N. Santos. 2019. Demystifying arm trustzone: A comprehensive survey. ACM Computing Surveys 51(6): 1–36.CrossRef
220.
Roemer, R., E. Buchanan, H. Shacham, and S. Savage. 2012. Return-oriented programming: Systems, languages, and applications. ACM Transactions on Information and System Security 15(1): 1–34.CrossRef
221.
Root, E. 2021. Spook.js, a scary bedtime story.
224.
Ross, R., V. Pillitteri, K. Dempsey, M. Riddle, and G. Guissanie. 2020. Protecting controlled unclassified information in nonfederal systems and organizations. Special Publication (NIST SP) 800-171r2, National Institute of Standards and Technology, Gaithersburg.
226.
238.
Seltzer, L. 2020. 2020 ransomware attacks still mostly through unsecured RDP.
239.
Shacham, H., M. Page, B. Pfaff, E.-J. Goh, N. Modadugu, and D. Boneh. 2004. On the effectiveness of address-space randomization. In Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS’04), New York, 298–307. Association for Computing Machinery.
243.
Sikorski, M., and A. Honig. 2012. Practical Malware Analysis. San Francisco: No Starch Press.
245.
Souppaya, M., and K. Scarfone. 2022. Guide to enterprise patch management planning. Special Publication (NIST SP) 800-40r4, National Institute of Standards and Technology, Gaithersburg.
246.
Souppaya, M., K. Scarfone, and D. Dodson. 2022. Secure software development framework (SSDF) version 1.1. Special Publication (NIST SP) 800-218, National Institute of Standards and Technology, Gaithersburg.
247.
Spafford, E.H. 1989. The internet worm program: An analysis. SIGCOMM Computer Communications Review 19(1): 17–57.CrossRef
259.
263.
Toulas, B. 2022. New Intel chips won’t play blu-ray disks due to SGX deprecation.
282.
Williams, C. 2016. Double ko! Capcom’s street fighter v installs hidden rootkit on PCs. The Register.
288.
Yiu, J. 2017. Software development in ARMv8-M architecture. Presented at Embedded World 2017.
Metadaten
Titel
Host Security Technology
verfasst von
Seth James Nielson
Copyright-Jahr
2023
Verlag
Apress
Buch
Discovering Cybersecurity

Print ISBN: 978-1-4842-9559-5

Electronic ISBN: 978-1-4842-9560-1

Copyright-Jahr: 2023

DOI
https://doi.org/10.1007/978-1-4842-9560-1_7

Premium Partner

    Bildnachweise